In the Internet era, electronic mail (E-mail) serves as a new infrastructure. At present, E-mail is indispensable as a communication tool in every kind of field including companies (business), schools (education), private communications to acquaintances and friends, etc.
One reason for the widespread use of E-mail is that the transmission and reception cost is much cheaper than that of the existing similar means. Also, information equipment utilizing E-mail is not limited to the conventional personal computer environment, and the mail function is incorporated in mobile terminals such as cell phones and PDAs (Personal Digital Assistants). Thus, E-mail can be said to be electronic information that has recently been utilized and popularized in an explosive way.
Meanwhile, troubles regarding certification of contents of E-mail and mass mailing (spam mail) have become social problems. For the certification of contents of E-mail, there are known a method using S/MIME (Secure/Multipurpose Internet Mail Extensions, i.e., standards of an E-mail encryption system) and a technique related to an apparatus for certifying originality of an E-mail document.
More specifically, according to the S/MIME, encryption and an electronic signature are applied to a mail body (text) to prevent tapping, impersonation, tampering (falsification), etc. Another conceivable technique is to provide an originality certifying apparatus which adds an electronic signature to both E-mail and a file attached to it when the mail is sent, and which detects tampering when the mail is received. Requirements for security of E-mail can be satisfied by storing the body of the E-mail and the attached file in the encrypted form in the originality certifying apparatus and further restricting access to it.
Further, to cope with nuisance (spam) mail, an electronic signature can be added to E-mail in many cases to certify the contents thereof as with the case of storing general documents. The spam mail is sent from a mail sender who misrepresents information regarding a mail source to cover up the sender's identity. For example, a sender cites, as a sender address in a mail header (i.e., a mail address portion subsequent to “From:”), a mail address in a header of another mail and sends mail under the feigned address or the assumed identity.
In view of such a situation, an anti-spam technique (sender domain identification technique) has been recently developed which focuses on specifying a counterfeit mail address. The sender domain identification technique is divided into two types, i.e., one utilizing an IP address and the other utilizing an electronic signature. DKIM (DomainKeys Identified Mail) is known as a typical example of the sender domain identification technique of the type utilizing an electronic signature.
The DKIM enables a server having sent mail to be identified or checked on the receiver side. More specifically, the header and the body of mail are processed together to produce an electronic signature of an SMTP server (sender side mail server), and the produced information is added as a “DKIM-Signature:” header.
The “DKIM-Signature:” header has attributes for storing (holding) various items of information. Primary ones of the attributes include an attribute d (e.g., d=xx.com) for indicating the name of the sender domain where an electronic signature has been added, an attribute a (e.g., a=rsa-sha1) for storing an algorithm used to produce the signature, an attribute h (e.g., h=From:To:Subject:Content-type) for indicating which item is to be a signature target, and an attribute b (e.g., b=tfx8cgksw92) for storing information of the electronic signature produced in the sender domain.
By sending mail to a receiver after addition of the “DKIM-Signature:” header including the above-described attributes, the receiver can identify the mail server by verifying the contents (such as the attributes and the electronic signature) of the “DKIM-Signature:” header.
In addition, because the header and the body of mail are processed together to produce the electronic signature, a false statement can be prevented from being generated, for example, by citing a part of the header (sender address subsequent to “From”) and safe mail sending can be realized. At present, standardization (into the form of RFC (Request for Comments)) of the DKIM having the above-described features is being rapidly advanced by a plurality of concerned vendors.
However, the above-mentioned three known techniques have the following problems.
The S/MIME cannot deal with spam mail because the electronic signature is not applied to the mail header information, such as the sender (mail address subsequent to “From”), the destination (mail address subsequent to “To”), and the subject (item subsequent to “Subject”).
In other words, the S/MIME is focused on safely managing E-mail by the apparatus for certifying originality of an E-mail document and pays attention to only certification of “content information”, i.e., the mail body and the attached file. Therefore, if the mail header information, such as the sender (“From”), the destination (“To”), and the subject (“Subject”), is changed or added, the sender (“From”), the subject (“Subject”), and the contents of the mail body cannot be individually confirmed with the S/MIME.
Also, it is known that the DKIM is unsuitable for broadcast mail based on a mailing list (hereinafter abbreviated to “ML”) in which a region including part of the mail header and the body is automatically changed.
The mailing list means a list of E-mail addresses, which enables a message to be automatically sent as E-mail to only a certain group of subscribers. A message sent from one subscriber to the list is delivered to all the other subscribers. Further, the subscribers having registered in the mailing list can send messages, give replies, and read the messages among them.
In the mailing list, the mail posted to the ML address is sent to an ML server and is processed therein. At that time, when the mail is resent, the ML server in many cases automatically changes the body and the header of the mail, both of which are covered by the electronic signature. Thus, the electronic signature produced at the time of posting is destroyed, and it can no longer be verified on the receiver side.
For example, because the ML name and the numbering are often inserted in the “Subject:” header, substantial care is required when the DKIM is applied to the ML.
In fact, the application to the ML is studied in detail in the standardization of the DKIM. It is recommended, for example, to perform identification of the sender domain in the ML domain, and upon success of the identification, to produce an electronic signature after adding a new header regarding the ML, thereby replacing the “DKIM-Signature:” header (namely, deleting the previously stored electronic signature that has been put in the sender domain).
In such a case, since the electronic signature having been put in the sender domain is deleted, the known DKIM specifications just allow the identification of the immediately preceding sender domain and cannot confirm through which routes the mail has been delivered (i.e., cannot identify the sending source mail servers included in the routes). In other words, the known DKIM specifications cannot identify all routes from the transmission to the reception.
Further, some providers offering ML servers free of charge insert an advertisement in part of a mail body. Thus, the known DKIM specifications cannot accommodate rewriting of the mail body.
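The following added example, which is not part of the original text, models the “DKIM-Signature:” attributes d, a, h and b described above and shows why the ML server's “Subject:” rewrite and the provider's advertisement in the body both invalidate the sender-domain signature, while a header outside h does not. It assumes a simplified signing scheme: an HMAC with a constructed key stands in for the sender domain's RSA signature, canonicalization is reduced to a plain concatenation, and all addresses and values are constructed.

```python
import hashlib
import hmac

# Constructed stand-in for the sender domain's signing key. Real DKIM signs
# with an RSA private key; HMAC is used only so this runs on the standard library.
DOMAIN_KEY = b"constructed-demo-key-for-xx.com"

def parse_tags(value):
    """Split a DKIM-Signature value such as 'd=xx.com; a=...; h=...; b=...'."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            tags[name.strip()] = val.strip()
    return tags

def signed_data(headers, body, h_list):
    """Concatenate the headers named in h (in that order) and the body."""
    lines = [f"{name.lower()}:{headers.get(name, '')}" for name in h_list]
    return ("\r\n".join(lines) + "\r\n\r\n" + body).encode()

def sign(headers, body, domain, h_list):
    """Produce the header value the sender-side mail server would add."""
    mac = hmac.new(DOMAIN_KEY, signed_data(headers, body, h_list), hashlib.sha256)
    return f"d={domain}; a=hmac-sha256-demo; h={':'.join(h_list)}; b={mac.hexdigest()}"

def verify(headers, body):
    """Receiver side: recompute over the headers listed in h and compare with b."""
    tags = parse_tags(headers["DKIM-Signature"])
    h_list = tags["h"].split(":")
    mac = hmac.new(DOMAIN_KEY, signed_data(headers, body, h_list), hashlib.sha256)
    return hmac.compare_digest(mac.hexdigest(), tags["b"])

def demo():
    headers = {"From": "alice@xx.com", "To": "list@ml.example",
               "Subject": "Meeting", "Content-type": "text/plain"}
    body = "See you at 10.\r\n"
    headers["DKIM-Signature"] = sign(headers, body, "xx.com",
                                     ["From", "To", "Subject", "Content-type"])
    results = {"as_sent": verify(headers, body)}
    # A header not listed in h (added in transit) leaves the signature valid.
    results["extra_header"] = verify({**headers, "Received": "from ml.example"}, body)
    # The ML server inserts the list name and numbering into a signed header.
    results["ml_subject"] = verify({**headers, "Subject": "[ml 00042] Meeting"}, body)
    # The ML provider appends an advertisement to the signed body.
    results["ml_body_ad"] = verify(headers, body + "-- sponsored footer --\r\n")
    return results

if __name__ == "__main__":
    print(demo())
```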